Linux kernel source tree
Pavel Skripkin 62f813769f netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex
[ Upstream commit e3245a7b7b ]

Syzbot hit use-after-free in nf_tables_dump_sets. The problem was in
missing lock protection for nft_ct_pcpu_template_refcnt.

Before commit f102d66b33 ("netfilter: nf_tables: use dedicated
mutex to guard transactions") all transactions were serialized by global
mutex, but then global mutex was changed to local per netnamespace
commit_mutex.

This change causes use-after-free bug, when 2 netnamespaces concurrently
changing nft_ct_pcpu_template_refcnt without proper locking. Fix it by
adding nft_ct_pcpu_mutex and protect all nft_ct_pcpu_template_refcnt
changes with it.

Fixes: f102d66b33 ("netfilter: nf_tables: use dedicated mutex to guard transactions")
Reported-and-tested-by: syzbot+649e339fa6658ee623d3@syzkaller.appspotmail.com
Signed-off-by: Pavel Skripkin <paskripkin@gmail.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-09-22 12:28:03 +02:00
arch s390/bpf: Fix branch shortening during codegen pass 2021-09-22 12:28:02 +02:00
block block, bfq: honor already-setup queue merges 2021-09-22 12:28:01 +02:00
certs certs: Trigger creation of RSA module signing key if it's not an RSA key 2021-09-15 09:50:29 +02:00
crypto crypto: sm2 - fix a memory leak in sm2 2021-07-14 16:56:06 +02:00
Documentation dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation 2021-09-22 12:27:59 +02:00
drivers PCI: iproc: Fix BCMA probe resource handling 2021-09-22 12:28:02 +02:00
fs fuse: fix use after free in fuse_read_interrupt() 2021-09-22 12:28:00 +02:00
include PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms 2021-09-22 12:28:00 +02:00
init
ipc
kernel tracing/probes: Reject events which have the same name of existing one 2021-09-22 12:28:00 +02:00
lib lib/test_stackinit: Fix static initializer test 2021-09-18 13:40:37 +02:00
LICENSES
mm mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range() 2021-09-22 12:27:59 +02:00
net netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex 2021-09-22 12:28:03 +02:00
samples samples: bpf: Fix tracex7 error raised on the missing argument 2021-09-18 13:40:23 +02:00
scripts gen_compile_commands: fix missing 'sys' package 2021-09-22 12:27:58 +02:00
security Smack: Fix wrong semantics in smk_access_entry() 2021-09-18 13:40:18 +02:00
sound ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B 2021-09-18 13:40:33 +02:00
tools selftest: net: fix typo in altname test 2021-09-22 12:27:58 +02:00
usr
virt KVM: Do not leak memory for duplicate debugfs directories 2021-08-12 13:22:17 +02:00
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile Linux 5.10.67 2021-09-18 13:40:38 +02:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.